Confession time. mea culpa mea culpa mea culpa > OK, so I now did my SAML dance and got the cookie from the SAML > response from the VPN (i.e. <portal-userauthcookie>). I then > did (I tried both that cookie and the preauth-cookie): Blah Blah. Irrelevant stuff! So, I couldn't figure out why my code that did exactly what the example gp-saml-gui code did would not work. Except, my code did not exactly the same (duuh). I started working on this using the global-protect/pre-login.esp URL, just to get the whole SAML dance done. Of course, after you figure that out, it *really* helps if you actually use the *ssl-vpn*/pre-login.esp if you try to start a VPN. My sincere apologies to this mailing list for wasting valuable time. Michel _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
